Google reports a second "zero day" in Chrome, demonstrated at Pwn2Own 2024.

Google this week addressed several vulnerabilities in the Chrome web browser, including two zero-day vulnerabilities, CVE-2024-2886 and CVE-2024-2887, that were demonstrated during the Pwn2Own Vancouver 2024 hacking competition.

The high-severity vulnerability CVE-2024-2886 is a use-after-free issue in WebCodecs. The bug was demonstrated by Seunghyun Lee (@0x10n) of KAIST Hacking Lab during Pwn2Own 2024.

The high-severity vulnerability CVE-2024-2887 is a type confusion issue in WebAssembly. The vulnerability was demonstrated by Manfred Paul during Pwn2Own 2024.

Google has also addressed the following vulnerabilities:

  • [$10000][327807820] Critical CVE-2024-2883: use after free in ANGLE. Reported by Cassidy Kim (@cassidy6564) on March 3, 2024.
  • [TBD][328958020] High CVE-2024-2885: use after free in Dawn. Reported by wgslfuzz on March 11, 2024.

"The Stable channel has been updated to version 123.0.6312.86/.87 for Windows and Mac and 123.0.6312.86 for Linux, which are rolling out over the next few days/weeks. A full list of changes in this build is available in the log," reads the advisory issued by the IT giant.

The IT giant did not disclose whether the vulnerabilities were actively exploited in the wild.

Last week, Mozilla patched two zero-day vulnerabilities in the Firefox web browser that were exploited during the Pwn2Own Vancouver 2024 competition. Researcher Manfred Paul (@_manfp), the winner of the competition, exploited two vulnerabilities, CVE-2024-29944 and CVE-2024-29943.

On the second day, Paul demonstrated a sandbox escape in Mozilla Firefox, using an out-of-bounds (OOB) write for remote code execution together with an "exposed dangerous function" bug. For this hack, he received $100,000 and 10 Master of Pwn points.

Below are descriptions of both problems according to the alert:

  • CVE-2024-29944: This vulnerability affects only the desktop version of Firefox; mobile versions of Firefox are not affected.
  • CVE-2024-29943: An attacker was able to read or write a JavaScript element out of bounds by tricking the verification mechanism.
